fix: restrict sensitive system endpoints

2026-06-17 05:30:43 +08:00 · 2026-06-09 21:45:51 +08:00
parent d1cf584af9
commit dc2b6910a4
10 changed files with 476 additions and 78 deletions
--- a/app/core/security.py
+++ b/app/core/security.py
@@ -148,7 +148,9 @@ def create_access_token(
    return encoded_jwt


-def __set_or_refresh_resource_token_cookie(request: Request, response: Response, payload: schemas.TokenPayload):
+def set_or_refresh_resource_token_cookie(
+        request: Request, response: Response, payload: schemas.TokenPayload
+) -> None:
    """
    设置资源令牌 Cookie
    :param request: 包含请求相关的上下文数据
@@ -258,7 +260,7 @@ def verify_token(
        payload = __verify_token(token=jwt_token, purpose="authentication")

        # 如果没有 resource_token，生成并写入到 Cookie
-        __set_or_refresh_resource_token_cookie(request, response, payload)
+        set_or_refresh_resource_token_cookie(request, response, payload)

        return payload
    elif api_key: